Multiple vulnerabilities has been found and corrected in clamav:
Fix infinite loop condition on crafted y0da cryptor file. Identified
and patch suggested by Sebastian Andrzej Siewior (CVE-2015-2221).
Fix crash on crafted petite packed file. Reported and patch supplied
by Sebastian Andrzej Siewior (CVE-2015-2222).
Fix an infinite loop condition on a crafted xz archive file. This
was reported by Dimitri Kirchner and Goulven Guiheux (CVE-2015-2668).
Apply upstream patch for possible heap overflow in Henry Spencer’s
regex library (CVE-2015-2305).
Fix crash in upx decoder with crafted file. Discovered and patch
supplied by Sebastian Andrzej Siewior (CVE-2015-2170).
The updated packages provides a solution for these security issues.